Disappearing OWA and Exchange virtual directory settings

Be careful when rebooting Internet Information Server. You may lose changes to your Outlook Web Access and Exchange Server virtual directory settings.

Please let others know how useful this tip is via the rating scale at the end of it. Do you have a useful Exchange

or Outlook tip, timesaver or workaround to share? Submit it to SearchExchange.com. If we publish it, we'll send you a nifty thank you gift.


VIEW MEMBER FEEDACK TO THIS TIP

Administrators who work with Outlook Web Access (OWA) and other Exchange Server features that are integrated into Internet Information Server (IIS) occasionally report a strange phenomenon -- when IIS reboots, changes made to Exchange virtual directories disappear.

One consequence of this occurrence is that changes made to OWA's Basic Authentication settings will be lost, forcing users to sign into OWA using the domain\username convention (which can be annoying).

Why this happens

When IIS starts, it reads its configuration information from the IIS metabase file. However, Exchange Server keeps most of its configuration information in Active Directory, including configuration information for Exchange's IIS objects like virtual directories.

A process called DS2MB runs every 15 minutes to make sure that object information in the IIS metabase matches what's stored in AD. If there are any discrepancies, the metabase is changed; IIS will then read that information the next time it starts up. (If you have IIS set to allow direct changes to the metabase, it will reread the metabase as soon as it's edited.)

This synchronization is a one-way street. The IIS metabase is always updated by DS2MB to reflect what's in AD, but not the other way around. This is why any changes you make to virtual objects directly through the IIS metabase (or through IIS's MMC snap-in) get destroyed.

How to change OWA's IIS settings

So the lesson here is that, if you want to change the way OWA is set up in IIS, you need to do so through Exchange System Manager, not IIS.

For instance, the aforementioned OWA authentication setting would be found in Exchange System Manager under <Organization> -> Administrative Group -> <Group name> -> Servers -> <Server name> -> Protocols -> HTTP -> Exchange Virtual Server -> Outlook Web Access (or whichever Exchange-governed virtual site you want to edit) -> Properties -> Access -> Authentication.

About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter.


MEMBER FEEDBACK TO THIS TIP

Thanks for the article; it explains why my IIS settings are removed from time to time. I do have one question though. In the front-end server, I created a new HTTP virtual server with a new host name/IP address. However, when I configure the IP address/host/port/SSL settings, the SSL port field is grayed out and I can't put anything into it. Since Exchange System Manager (ESM) overwrites the settings in IIS, it overwrites the SSL port settings I specified in IIS. What am I missing?
—Gabriel V.

******************************************

As far as I know, SSL as configured through Exchange System Manager (ESM) will only work on port 443 (the standard port for SSL). Also, if you have no certificate available for SSL, SSL will not be available -- you may need to remove any existing certificate you have, set up ESM, and then add the certificate.

You may also want to look at this Microsoft Knowledge Base article. Apparently you cannot set both the TCP port and the SSL port at the same time when you're creating an HTTP protocol server through ESM. They have to be set separately.
—Serdar Yegulalp, tip author

******************************************

In Small Business Server 2003, I cannot find this setting in Exchange System Manager. I am redirected to IIS. Do you have any suggestions?
—Guido E.

******************************************

I think my instructions in the tip were a little abbreviated. Expand the Exchange Virtual Server node in Exchange System Manager (ESM) and each of the virtual sites in IIS will be listed there. You can then get properties for each of them.
—Serdar Yegulalp, tip author


Do you have comments on this tip? Let us know.

Related information from SearchExchange.com:

  • Step-by-Step Guide: How to repair Exchange-related IIS virtual directories
  • Tip: Exchange Server diagnostics: Digging into IIS logs
  • Ask the Expert: Configuring IIS to authenticate OWA users
  • This was first published in March 2006

    Dig deeper on Outlook Web Access

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    SearchWindowsServer

    SearchEnterpriseDesktop

    SearchCloudComputing

    SearchSQLServer

    Close